SAP NetWeaver Flaws Allow Attackers Access to Enterprise Websites

Vulnerabilities in the SAP NetWeaver platform open the door for attackers to intercept login credentials, register keystrokes, spoof data or perform other illegal activities that could potentially lead to a system compromise.

Positive Technologies has detected the flaws, present in the SAP Enterprise Portal Navigation, SAP Enterprise Portal Theme Editor and the SAP NetWeaver Log Viewer components of the platform.

“Large companies all over the world use SAP to manage financial flows, product lifecycle, relationships with vendors and clients, company resources, procurement and other critical business processes,” said Dmitry Gutsko, head of the Business System Security Unit at Positive Technologies. “It is vital to protect the information stored in SAP systems, as any breach of confidential information could have a devastating impact on the business.”

Leave a Reply

Your email address will not be published. Required fields are marked *